Russia's Ministry of the Interior has gone public about the March 24 arrest of a 25-year-old it believes was the leader of a gang of cyber-scum behind the “Svpeng” money-draining malware, along with four others.
The Android malware is believed to have netted a near million-dollar haul within Russia alone (50 million rubles), hitting 350,000 Google devices during 2013 and 2014.
According to Forbes, Svpeng started by acting like a Google Play buy-credit window, opening over the top of the store and requesting credit card details. Later, the group in charge switched tactics to ransomware, popping up a fake FBI “penalty notification” on screens and locking devices until the gang was paid.
Last year, Kaspersky noted the group's decision to start attacking users outside Russia's borders.
According to Google Translate, the ministry's April 11 announcement says the arrests took place in Chelyabinsk during March.
The operatives “seized a significant amount of computer equipment with traces of Internet dissemination of malicious software, mobile phones, SIM cards, electronic media, server hardware,” the statement notes, along with the credit cards that received the stolen funds.
The translation suggests a confession was obtained. ®